Skip to content

Print a warning in gen-DSA if the package cannot be found for a given CVE

Introduced a new bin/check-package-cves script that check whether CVE(s) are related to a package. If not a list of CVEs not matching the package is printed and exit with error code 1. If all CVEs match the package nothing is printed and exit with 0.

bin/gen-DSA is also updated to call this new script and if an exit code != 0 is returned print a warning for the CVEs and ask the user if it should proceed.

For more information see: lts-team/lts-extra-tasks#61

Closes #30

Merge request reports

Loading